Posters to 4Chan’s /b/ forum continue to pore over the contents of thousands of images taken by users of the Snapchat messaging service that were recently leaked from a third-party website. Meanwhile, the developer behind that site, SnapSaved.com, used a Facebook post to say it was hacked because of a misconfigured Apache server. The statement also gets into the extent of the breach, while playing down reports that personal information from the users involved was also taken.
“I sincerely apologize on behalf of SnapSaved.com,” the developer’s spokesperson wrote. “We did not wish to cause Snapchat or their users harm, we only wished to provide a unique service.”
SnapSaved’s developer said there was no substance to claims by some 4Chan posters that a searchable database of the images stolen from the service’s server was being developed. “The recent rumors about the snappening are a hoax,” the developer wrote. “The hacker does not have sufficient information to live up to his claims of creating a searchable database.” The developer also said that the service actively “tried to cleanse the database of inappropriate images as often as possible…SnapSaved has always tried to fight child pornography, [and] we have even gone as far as reporting some of our users to the Swedish and Norwegian authorities.”
The U.S. National Security Agency has worked with companies to weaken encryption products at the same time it infiltrated firms to gain access to sensitive systems, according to a purportedly leaked classified document outlined in an article on The Intercept.
The document, allegedly leaked by former NSA contractor Edward Snowden, appears to be a highly classified summary intended for a very small group of vetted national security officials according to details included in The Intercept article, which was published this weekend. The document outlines six programs at the core of the NSA's mission, collected under the name Sentry Eagle.
The Intercept claims the document states "The facts contained in [the Sentry Eagle] program constitute a combination of the greatest number of highly sensitive facts related to NSA/CSS’s overall cryptologic mission."
A cache of about 13 gigabytes of stolen images from Snapchat—some of them apparently of nude, underage users of the “ephemeral” messaging platform—was posted online Thursday night, many of them to the image-sharing site 4chan’s /b/ discussion board. However, the threads linking to the images have largely been shut down by 4Chan over concerns of trafficking in what could be considered child pornography. Over 100,000 user images and videos were in the cache, according to 4chan discussions.
The images are apparently not from Snapchat’s own network but from the database of a third-party application that allows Snapchat users to save images and videos sent over the service online. In an official statement to the press, a Snapchat spokesperson said, “We can confirm that Snapchat’s servers were never breached, and were not the source of these leaks. Snapchatters were victimized by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Service precisely because they compromise our users’ security.”
According to a report by Business Insider, 4chan users who gained access to the images downloaded them and started to create a searchable database indexed by the usernames associated with the images. The files were also briefly hosted on a Web server that hosted Web exploits and malware.
A class of coding vulnerabilities could allow attackers to fool Windows system administrators into running malicious code because of a simple omission: quotation marks.
The attack relies on scripts or batch files that use the command-line interface, or "shell," on a Windows system but contain a simple coding error—allowing untrusted input to be run as a command. In the current incarnation of the exploit, an attacker appends a valid command onto the end of the name of a directory using the ampersand character. A script with the coding error then reads the input and executes the command with administrator rights.
"The scenario... requires a ‘standard’ user with access rights to create a directory to a fileserver and an administrator executing a vulnerable script," Frank Lycops and Raf Cox, security researchers with The Security Factory, said in an e-mail interview. "This allows the attacker to gain the privileges of the user running the script, thus becoming an administrator."
Hewlett-Packard has alerted some customers that it will be revoking a digital certificate used to sign a huge swath of software—including hardware drivers and other software essential to running on older HP computers. The certificate is being revoked because the company learned it had been used to digitally sign malware that had infected a developer’s PC.
An HP executive told security reporter Brian Krebs that that the certificate itself wasn’t compromised. HP Global Chief Information Security Officer Brett Wahlin said that HP had recently been alerted to the signed malware—a four-year old Windows Trojan—by Symantec. Wahlin said that it appears the malware, which had infected an HP employee's computer, accidentally got digitally signed as part of a separate software package—and then sent a signed copy of itself back to its point of origin. Though the malware has since been distributed over the Internet while bearing HP's certificate, Wahlin noted that the Trojan was never shipped to HP customers as part of the software package.
“When people hear this, many will automatically assume we had some sort of compromise within our code signing infrastructure, and that is not the case,” Wahlin told Krebs. “We can show that we’ve never had a breach on our [certificate authority] and that our code-signing infrastructure is 100 percent intact.”